Large-Scale MPC: Decentralized Iris Code Membership

Abstract

Proof of Personhood is one of the core ideas behind the Worldcoin project. An integral part of this proof is the biometric uniqueness service, in which an iris code is checked against many others stored in a centralized database. However, iris codes could be reversible to an image that resembles a human eye, which would infringe on the privacy of individuals. Furthermore, the holder of the centralized database could abuse its power to censor individuals, since it alone controls the database that new signups are compared to. Consequently, one has to trust the central entity not to misuse its database. In this project we explore efficient methods to decentralize the database of existing iris codes using multiparty computation (MPC), significantly improving privacy and censorship resilience. The main challenge with an MPC-based iris code membership protocol stems from 1) mixed operations over both larger rings and bits for Hamming distance calculation and threshold comparisons and 2) the large database (3+ million) of iris codes, which leads to huge communication between the MPC parties. After extensive experiments with state-of-the-art MPC protocols, we designed and implemented a dedicated MPC protocol for decentralized membership inference of iris codes. Our final protocol, which is based on semi-honest and malicious variants of ABY3, can compare an iris code with 12800 bits to a database of 100k such codes in 0.4s for the semi-honest variant while transmitting only 0.6 MB of data, and in 3s for the maliciously secure variant while transmitting only 4.6 MB of data.
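The Hamming-distance step named in the abstract, as an added example (not code from the talk or from TACEO): a semi-honest, ABY3-style replicated sharing over Z_2^16 in which each party computes its share of the distance locally and sends a single ring element. Assumptions: one process simulates all three parties and deals the shares, the `threshold` parameter is hypothetical, and the distance is opened before the threshold test, whereas a private protocol would run the comparison on shares as well.

```python
import secrets

MOD = 1 << 16  # ring Z_2^16: holds any distance up to 12800 without wrap-around

def share(x):
    """Split x into 3 additive shares; party i holds the pair (s[i], s[i+1])."""
    s0, s1 = secrets.randbelow(MOD), secrets.randbelow(MOD)
    s = [s0, s1, (x - s0 - s1) % MOD]
    return [(s[i], s[(i + 1) % 3]) for i in range(3)]

def share_vec(bits):
    """Share every bit; returns one list of share pairs per party."""
    per_bit = [share(b) for b in bits]
    return [[sh[p] for sh in per_bit] for p in range(3)]

def zero_shares():
    """Three values summing to 0, used to re-randomise what each party sends.
    Assumption: dealt centrally here; parties would derive them from shared PRF keys."""
    r = [secrets.randbelow(MOD) for _ in range(3)]
    return [(r[i] - r[(i + 1) % 3]) % MOD for i in range(3)]

def hamming_share(p_a, p_b, zero):
    """One party's additive share of HD(a, b) = sum(a) + sum(b) - 2*<a, b>.
    Purely local: the cross terms a0*b1 + a1*b0 come from the replicated pair."""
    lin = sum(a0 + b0 for (a0, _), (b0, _) in zip(p_a, p_b))
    dot = sum(a0 * b0 + a0 * b1 + a1 * b0 for (a0, a1), (b0, b1) in zip(p_a, p_b))
    return (lin - 2 * dot + zero) % MOD

def mpc_hamming(a_bits, b_bits):
    """Simulate the three parties; each contributes ONE ring element per comparison."""
    A, B, Z = share_vec(a_bits), share_vec(b_bits), zero_shares()
    sent = [hamming_share(A[p], B[p], Z[p]) for p in range(3)]
    return sum(sent) % MOD  # simplification: the distance itself is opened

def is_match(a_bits, b_bits, threshold):
    """threshold is a caller-supplied (hypothetical) cut-off, not a value from the talk."""
    return mpc_hamming(a_bits, b_bits) < threshold

if __name__ == "__main__":
    a = [1, 0, 1, 1, 0, 0, 1, 0]  # constructed sample codes
    b = [1, 1, 1, 0, 0, 0, 1, 1]
    print(mpc_hamming(a, b), is_match(a, b, 4))
```

Because the dot product is evaluated on replicated shares, the data each party sends per database entry does not grow with the length of the iris code.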

Date
Feb 27, 2024
Location
D/Infra Summit – Denver, USA
Roman Walch
Co-founder/Lead Cryptographer at TACEO

My main research interests include privacy-enhancing technologies (FHE, MPC, ZKP), domain-specific symmetric primitives, and their application to real-world use cases.
